1 / 17

TLS

TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary. 14.1 Introduction. Transport Layer Security (TLS) [RFC2246] TLS provides transport layer security for Internet applications

faustus-marlas
Download Presentation

TLS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TLS

  2. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary

  3. 14.1 Introduction • Transport Layer Security (TLS) [RFC2246] • TLS provides transport layer security for Internet applications • It provides for confidentiality and data integrity over a connection between two end points • TLS operates on a reliable transport, such as TCP, and is itself layered into • TLS Record Protocol • TLS Handshake Protocol

  4. Advantage of TLS • applications can use it transparently to securely communicate with each other • TLS is visible to applications, making them aware of the cipher suites and authentication certificates negotiated during the set-up phases of a TLS session

  5. 14.2 TLS Record Protocol • TLS Record Protocol layers on top of a reliable connection-oriented transport, such as TCP • TLS Record Protocol • provides data confidentiality using symmetric key cryptography • provides data integrity using a keyed message authentication checksum (MAC) • The keys are generated uniquely for each session based on the security parameters agreed during the TLS handshake

  6. Basic operation of the TLS Record Protocol • read messages for transmit • fragment messages into manageable chunks of data • compress the data, if compression is required and enabled • calculate a MAC • encrypt the data • transmit the resulting data to the peer

  7. At the opposite end of the TLS connection, the basic operation of the sender is replicated, but in the reverse order • read received data from the peer • decrypt the data • verify the MAC • decompress the data, if compression is required and enabled • reassemble the message fragments • deliver the message to upper protocol layers

  8. 14.3 TLS Handshake Protocol • TLS Handshake Protocol is layered on top of the TLS Record Protocol • TLS Handshake Protocol is used to • authenticate the client and the server • exchange cryptographic keys • negotiate the used encryption and data integrity algorithms before the applications start to communicate with each other

  9. Figure 14.1 illustrates the actual handshake message flow • [Step1] • the client and server exchange Hello messages • the client sends a ClientHello message, which is followed by the server sending a ServerHello message

  10. these two messages establish the TLS protocol version, the compression mechanism used, the cipher suite used, and possibly the TLS session ID • additionally, both a random client nonce and a random server nonce are exchanged that are used in the handshake later on

  11. [Step2] • the server may send any messages associated with the ServerHello • depending on the selected cipher suite, it will send its certificate for authentication • the server may also send a key exchange message and a certificate request message to the client, depending on the selected cipher suite

  12. to mark the end of the ServerHello and the Hello message exchange, the server sends a ServerHelloDone message

  13. [Step3] • next, if requested, the client will send its certificate to the server • in any case, the client will then send a key exchange message that sets the pre-master secret between the client and the server • optionally, the client may also send a Certificate Verify message to explicitly verify the certificate that the server requested

  14. [Step4] • then, both the client and the server send the ChangeCipherSpec messages and enable the newly negotiated cipher spec • the first message passed in each direction using the new algorithms, keys and secrets is the Finished message, which includes a digest of all the handshake messages • each end inspects the Finished message to verify that the handshake was not tampered with

  15. 註: • Digest of all the handshake messages • means the results of applying a one-way hash function to the handshake messages

  16. 14.4 Summary • TLS protocol provides transport layer security for Internet applications and confidentiality using symmetric key cryptography and data integrity using a keyed MAC • It also includes functionality for client and server authentication using public key cryptography

More Related